In kerberos, the authentication server has plain text passwords, and the initial

Question

In kerberos, the authentication server has plain text passwords, and the initial encryption is a hash of the password(KA(Alice)). This is insecure. If we change the storage format, we may achiece better security. Explain how the following changes affect security:

a) What if the passwords were stored in hash form?

b) What if the passwords are stores as hash of password and they key is hash of hash of password

C) What if the passwords are stores as hash of hash of password and they key is hash of hash of password

Explanation / Answer

(a) What if the passwords were stored in hash form?

If the passwords stored in hash form or If we have the hash, we can’t run the algorithm backwards to get the original password. This means a hacker would have to obtain the hashes and then try a number of different password combinations to see which ones worked.

(b)What if the passwords are stores as hash of password and they key is hash of hash of password?

(c) What if the passwords are stores as hash of password and they key is hash of hash of password?

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.